Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.mobile.android > #146896
| From | "R.Wieser" <address@is.invalid> |
|---|---|
| Newsgroups | comp.mobile.android |
| Subject | Re: Why does open source software include a "signing key"? |
| Date | 2025-03-01 11:36 +0100 |
| Organization | A noiseless patient Spider |
| Message-ID | <vpunur$69ss$1@dont-email.me> (permalink) |
| References | <vpo1h2$2pfr$1@nnrp.usenet.blueworldhosting.com> <m2d8qqFo6b0U1@mid.individual.net> <vpt27q$2mns$1@nnrp.usenet.blueworldhosting.com> <m2g0m3F67bkU6@mid.individual.net> |
Arno , > Yes - because Android can then verify, if an update to an existing > app is still by the same publisher Thats starting one step to late. The first step is that, *at the moment of installing*, the app is verified to be the one mentioned in the signing key. As the signing key itself, upon the developers upload of the app to the wealled garden, is verified to be from that developer there is an unbroken chain of trust. But as you probably well know, that doesn't stop malicious and trojaned apps from appearing in Googles "walled garden" ... Regards, Rudy Wieser
Back to comp.mobile.android | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-26 21:36 +0000
Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-26 21:44 +0000
Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-26 22:36 +0000
Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-02-28 08:43 +0100
Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-28 19:30 +0000
Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-28 19:46 +0000
Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-02-28 21:42 +0100
Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-02-28 09:01 +0100
Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-02-28 19:19 +0000
Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-03-01 10:00 +0100
Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-03-01 09:54 +0000
Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-03-01 10:12 +0000
Re: Why does open source software include a "signing key"? Marion <marion@facts.com> - 2025-03-01 10:27 +0000
Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-01 11:44 +0100
Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-01 11:36 +0100
Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-03-01 14:22 +0100
Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-01 15:40 +0100
Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-03-06 11:30 +0100
Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-06 12:29 +0100
Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-03-07 09:01 +0100
Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-07 09:50 +0100
Re: Why does open source software include a "signing key"? Arno Welzel <usenet@arnowelzel.de> - 2025-03-07 14:37 +0100
Re: Why does open source software include a "signing key"? "R.Wieser" <address@is.invalid> - 2025-03-07 14:58 +0100
csiph-web